void sspi_CopyAuthIdentity(SEC_WINNT_AUTH_IDENTITY* identity, SEC_WINNT_AUTH_IDENTITY* srcIdentity) { if (identity->Flags == SEC_WINNT_AUTH_IDENTITY_ANSI) { sspi_SetAuthIdentity(identity, (char*) srcIdentity->User, (char*) srcIdentity->Domain, (char*) srcIdentity->Password); identity->Flags = SEC_WINNT_AUTH_IDENTITY_UNICODE; return; } identity->Flags = SEC_WINNT_AUTH_IDENTITY_UNICODE; identity->UserLength = srcIdentity->UserLength; identity->User = (UINT16*) malloc(identity->UserLength * sizeof(WCHAR)); CopyMemory(identity->User, srcIdentity->User, identity->UserLength * sizeof(WCHAR)); identity->DomainLength = srcIdentity->DomainLength; identity->Domain = (UINT16*) malloc(identity->DomainLength * sizeof(WCHAR)); CopyMemory(identity->Domain, srcIdentity->Domain, identity->DomainLength * sizeof(WCHAR)); identity->PasswordLength = srcIdentity->PasswordLength; identity->Password = (UINT16*) malloc(identity->PasswordLength * sizeof(WCHAR)); CopyMemory(identity->Password, srcIdentity->Password, identity->PasswordLength * sizeof(WCHAR)); }
BOOL ntlm_client_init(rdpNtlm* ntlm, BOOL http, LPCTSTR user, LPCTSTR domain, LPCTSTR password, SecPkgContext_Bindings* Bindings) { SECURITY_STATUS status; ntlm->http = http; ntlm->Bindings = Bindings; ntlm->table = InitSecurityInterfaceEx(0); if (!ntlm->table) return FALSE; sspi_SetAuthIdentity(&(ntlm->identity), user, domain, password); status = ntlm->table->QuerySecurityPackageInfo(NTLM_SSP_NAME, &ntlm->pPackageInfo); if (status != SEC_E_OK) { WLog_ERR(TAG, "QuerySecurityPackageInfo status %s [0x%08"PRIX32"]", GetSecurityStatusString(status), status); return FALSE; } ntlm->cbMaxToken = ntlm->pPackageInfo->cbMaxToken; status = ntlm->table->AcquireCredentialsHandle(NULL, NTLM_SSP_NAME, SECPKG_CRED_OUTBOUND, NULL, &ntlm->identity, NULL, NULL, &ntlm->credentials, &ntlm->expiration); if (status != SEC_E_OK) { WLog_ERR(TAG, "AcquireCredentialsHandle status %s [0x%08"PRIX32"]", GetSecurityStatusString(status), status); return FALSE; } ntlm->haveContext = FALSE; ntlm->haveInputBuffer = FALSE; ZeroMemory(&ntlm->inputBuffer, sizeof(SecBuffer)); ZeroMemory(&ntlm->outputBuffer, sizeof(SecBuffer)); ZeroMemory(&ntlm->ContextSizes, sizeof(SecPkgContext_Sizes)); ntlm->fContextReq = 0; if (ntlm->http) { /* flags for HTTP authentication */ ntlm->fContextReq |= ISC_REQ_CONFIDENTIALITY; } else { /** * flags for RPC authentication: * RPC_C_AUTHN_LEVEL_PKT_INTEGRITY: * ISC_REQ_USE_DCE_STYLE | ISC_REQ_DELEGATE | ISC_REQ_MUTUAL_AUTH | * ISC_REQ_REPLAY_DETECT | ISC_REQ_SEQUENCE_DETECT */ ntlm->fContextReq |= ISC_REQ_USE_DCE_STYLE; ntlm->fContextReq |= ISC_REQ_DELEGATE | ISC_REQ_MUTUAL_AUTH; ntlm->fContextReq |= ISC_REQ_REPLAY_DETECT | ISC_REQ_SEQUENCE_DETECT; } return TRUE; }
int credssp_ntlm_client_init(rdpCredssp* credssp) { char* spn; int length; freerdp* instance; rdpSettings* settings; settings = credssp->settings; instance = (freerdp*) settings->instance; if ((settings->Password == NULL) || (settings->Username == NULL)) { if (instance->Authenticate) { BOOL proceed = instance->Authenticate(instance, &settings->Username, &settings->Password, &settings->Domain); if (!proceed) return 0; } } sspi_SetAuthIdentity(&(credssp->identity), settings->Username, settings->Domain, settings->Password); #ifdef WITH_DEBUG_NLA _tprintf(_T("User: %s Domain: %s Password: %s\n"), (char*) credssp->identity.User, (char*) credssp->identity.Domain, (char*) credssp->identity.Password); #endif sspi_SecBufferAlloc(&credssp->PublicKey, credssp->transport->TlsIn->PublicKeyLength); CopyMemory(credssp->PublicKey.pvBuffer, credssp->transport->TlsIn->PublicKey, credssp->transport->TlsIn->PublicKeyLength); length = sizeof(TERMSRV_SPN_PREFIX) + strlen(settings->ServerHostname); spn = (SEC_CHAR*) malloc(length + 1); sprintf(spn, "%s%s", TERMSRV_SPN_PREFIX, settings->ServerHostname); #ifdef UNICODE credssp->ServicePrincipalName = (LPTSTR) malloc(length * 2 + 2); MultiByteToWideChar(CP_UTF8, 0, spn, length, (LPWSTR) credssp->ServicePrincipalName, length); free(spn); #else credssp->ServicePrincipalName = spn; #endif return 1; }
BOOL ntlm_client_init(rdpNtlm* ntlm, BOOL http, char* user, char* domain, char* password, SecPkgContext_Bindings* Bindings) { SECURITY_STATUS status; sspi_GlobalInit(); ntlm->http = http; ntlm->Bindings = Bindings; #ifdef WITH_NATIVE_SSPI { HMODULE hSSPI; INIT_SECURITY_INTERFACE InitSecurityInterface; PSecurityFunctionTable pSecurityInterface = NULL; hSSPI = LoadLibrary(_T("secur32.dll")); #ifdef UNICODE InitSecurityInterface = (INIT_SECURITY_INTERFACE) GetProcAddress(hSSPI, "InitSecurityInterfaceW"); #else InitSecurityInterface = (INIT_SECURITY_INTERFACE) GetProcAddress(hSSPI, "InitSecurityInterfaceA"); #endif ntlm->table = (*InitSecurityInterface)(); } #else ntlm->table = InitSecurityInterface(); #endif sspi_SetAuthIdentity(&(ntlm->identity), user, domain, password); status = ntlm->table->QuerySecurityPackageInfo(NTLMSP_NAME, &ntlm->pPackageInfo); if (status != SEC_E_OK) { DEBUG_WARN( "QuerySecurityPackageInfo status: 0x%08X\n", status); return FALSE; } ntlm->cbMaxToken = ntlm->pPackageInfo->cbMaxToken; status = ntlm->table->AcquireCredentialsHandle(NULL, NTLMSP_NAME, SECPKG_CRED_OUTBOUND, NULL, &ntlm->identity, NULL, NULL, &ntlm->credentials, &ntlm->expiration); if (status != SEC_E_OK) { DEBUG_WARN( "AcquireCredentialsHandle status: 0x%08X\n", status); return FALSE; } ntlm->haveContext = FALSE; ntlm->haveInputBuffer = FALSE; ZeroMemory(&ntlm->inputBuffer, sizeof(SecBuffer)); ZeroMemory(&ntlm->outputBuffer, sizeof(SecBuffer)); ZeroMemory(&ntlm->ContextSizes, sizeof(SecPkgContext_Sizes)); ntlm->fContextReq = 0; if (ntlm->http) { /* flags for HTTP authentication */ ntlm->fContextReq |= ISC_REQ_CONFIDENTIALITY; } else { /** * flags for RPC authentication: * RPC_C_AUTHN_LEVEL_PKT_INTEGRITY: * ISC_REQ_USE_DCE_STYLE | ISC_REQ_DELEGATE | ISC_REQ_MUTUAL_AUTH | * ISC_REQ_REPLAY_DETECT | ISC_REQ_SEQUENCE_DETECT */ ntlm->fContextReq |= ISC_REQ_USE_DCE_STYLE; ntlm->fContextReq |= ISC_REQ_DELEGATE | ISC_REQ_MUTUAL_AUTH; ntlm->fContextReq |= ISC_REQ_REPLAY_DETECT | ISC_REQ_SEQUENCE_DETECT; } return TRUE; }
int nla_client_init(rdpNla* nla) { char* spn; int length; rdpTls* tls = NULL; BOOL PromptPassword = FALSE; freerdp* instance = nla->instance; rdpSettings* settings = nla->settings; WINPR_SAM* sam; WINPR_SAM_ENTRY* entry; nla->state = NLA_STATE_INITIAL; if (settings->RestrictedAdminModeRequired) settings->DisableCredentialsDelegation = TRUE; if ((!settings->Password) || (!settings->Username) || (!strlen(settings->Username))) { PromptPassword = TRUE; } if (PromptPassword && settings->Username && strlen(settings->Username)) { sam = SamOpen(TRUE); if (sam) { entry = SamLookupUserA(sam, settings->Username, strlen(settings->Username), NULL, 0); if (entry) { /** * The user could be found in SAM database. * Use entry in SAM database later instead of prompt */ PromptPassword = FALSE; SamFreeEntry(sam, entry); } SamClose(sam); } } #ifndef _WIN32 if (PromptPassword) { if (settings->RestrictedAdminModeRequired) { if ((settings->PasswordHash) && (strlen(settings->PasswordHash) > 0)) PromptPassword = FALSE; } } #endif if (PromptPassword) { if (instance->Authenticate) { BOOL proceed = instance->Authenticate(instance, &settings->Username, &settings->Password, &settings->Domain); if (!proceed) { freerdp_set_last_error(instance->context, FREERDP_ERROR_CONNECT_CANCELLED); return 0; } } } if (!settings->Username) { nla_identity_free(nla->identity); nla->identity = NULL; } else sspi_SetAuthIdentity(nla->identity, settings->Username, settings->Domain, settings->Password); #ifndef _WIN32 { SEC_WINNT_AUTH_IDENTITY* identity = nla->identity; if (!identity) { WLog_ERR(TAG, "NLA identity=%p", identity); return -1; } if (settings->RestrictedAdminModeRequired) { if (settings->PasswordHash) { if (strlen(settings->PasswordHash) == 32) { free(identity->Password); identity->PasswordLength = ConvertToUnicode(CP_UTF8, 0, settings->PasswordHash, -1, &identity->Password, 0) - 1; /** * Multiply password hash length by 64 to obtain a length exceeding * the maximum (256) and use it this for hash identification in WinPR. */ identity->PasswordLength = 32 * 64; /* 2048 */ } } } } #endif tls = nla->transport->tls; if (!tls) { WLog_ERR(TAG, "Unknown NLA transport layer"); return -1; } if (!sspi_SecBufferAlloc(&nla->PublicKey, tls->PublicKeyLength)) { WLog_ERR(TAG, "Failed to allocate sspic secBuffer"); return -1; } CopyMemory(nla->PublicKey.pvBuffer, tls->PublicKey, tls->PublicKeyLength); length = sizeof(TERMSRV_SPN_PREFIX) + strlen(settings->ServerHostname); spn = (SEC_CHAR*) malloc(length + 1); if (!spn) return -1; sprintf(spn, "%s%s", TERMSRV_SPN_PREFIX, settings->ServerHostname); #ifdef UNICODE nla->ServicePrincipalName = NULL; ConvertToUnicode(CP_UTF8, 0, spn, -1, &nla->ServicePrincipalName, 0); free(spn); #else nla->ServicePrincipalName = spn; #endif nla->table = InitSecurityInterfaceEx(0); nla->status = nla->table->QuerySecurityPackageInfo(NLA_PKG_NAME, &nla->pPackageInfo); if (nla->status != SEC_E_OK) { WLog_ERR(TAG, "QuerySecurityPackageInfo status %s [%08X]", GetSecurityStatusString(nla->status), nla->status); return -1; } nla->cbMaxToken = nla->pPackageInfo->cbMaxToken; nla->status = nla->table->AcquireCredentialsHandle(NULL, NLA_PKG_NAME, SECPKG_CRED_OUTBOUND, NULL, nla->identity, NULL, NULL, &nla->credentials, &nla->expiration); if (nla->status != SEC_E_OK) { WLog_ERR(TAG, "AcquireCredentialsHandle status %s [%08X]", GetSecurityStatusString(nla->status), nla->status); return -1; } nla->haveContext = FALSE; nla->haveInputBuffer = FALSE; nla->havePubKeyAuth = FALSE; ZeroMemory(&nla->inputBuffer, sizeof(SecBuffer)); ZeroMemory(&nla->outputBuffer, sizeof(SecBuffer)); ZeroMemory(&nla->ContextSizes, sizeof(SecPkgContext_Sizes)); /* * from tspkg.dll: 0x00000132 * ISC_REQ_MUTUAL_AUTH * ISC_REQ_CONFIDENTIALITY * ISC_REQ_USE_SESSION_KEY * ISC_REQ_ALLOCATE_MEMORY */ nla->fContextReq = ISC_REQ_MUTUAL_AUTH | ISC_REQ_CONFIDENTIALITY | ISC_REQ_USE_SESSION_KEY; return 1; }
int sspi_CopyAuthIdentity(SEC_WINNT_AUTH_IDENTITY* identity, SEC_WINNT_AUTH_IDENTITY* srcIdentity) { int status; if (srcIdentity->Flags & SEC_WINNT_AUTH_IDENTITY_ANSI) { status = sspi_SetAuthIdentity(identity, (char*) srcIdentity->User, (char*) srcIdentity->Domain, (char*) srcIdentity->Password); if (status <= 0) return -1; identity->Flags &= ~SEC_WINNT_AUTH_IDENTITY_ANSI; identity->Flags |= SEC_WINNT_AUTH_IDENTITY_UNICODE; return 1; } identity->Flags |= SEC_WINNT_AUTH_IDENTITY_UNICODE; /* login/password authentication */ identity->User = identity->Domain = identity->Password = NULL; identity->UserLength = srcIdentity->UserLength; if (identity->UserLength > 0) { identity->User = (UINT16*) calloc((identity->UserLength + 1), sizeof(WCHAR)); if (!identity->User) return -1; CopyMemory(identity->User, srcIdentity->User, identity->UserLength * sizeof(WCHAR)); identity->User[identity->UserLength] = 0; } identity->DomainLength = srcIdentity->DomainLength; if (identity->DomainLength > 0) { identity->Domain = (UINT16*) calloc((identity->DomainLength + 1), sizeof(WCHAR)); if (!identity->Domain) return -1; CopyMemory(identity->Domain, srcIdentity->Domain, identity->DomainLength * sizeof(WCHAR)); identity->Domain[identity->DomainLength] = 0; } identity->PasswordLength = srcIdentity->PasswordLength; if (identity->PasswordLength > SSPI_CREDENTIALS_HASH_LENGTH_OFFSET) identity->PasswordLength -= SSPI_CREDENTIALS_HASH_LENGTH_OFFSET; if (srcIdentity->Password) { identity->Password = (UINT16*) calloc((identity->PasswordLength + 1), sizeof(WCHAR)); if (!identity->Password) return -1; CopyMemory(identity->Password, srcIdentity->Password, identity->PasswordLength * sizeof(WCHAR)); identity->Password[identity->PasswordLength] = 0; } identity->PasswordLength = srcIdentity->PasswordLength; /* End of login/password authentication */ return 1; }
int sspi_CopyAuthIdentity(SEC_WINNT_AUTH_IDENTITY* identity, SEC_WINNT_AUTH_IDENTITY* srcIdentity) { int status; if (identity->Flags == SEC_WINNT_AUTH_IDENTITY_ANSI) { status = sspi_SetAuthIdentity(identity, (char*) srcIdentity->User, (char*) srcIdentity->Domain, (char*) srcIdentity->Password); if (status <= 0) return -1; identity->Flags = SEC_WINNT_AUTH_IDENTITY_UNICODE; return 1; } identity->Flags = SEC_WINNT_AUTH_IDENTITY_UNICODE; identity->User = identity->Domain = identity->Password = NULL; identity->UserLength = srcIdentity->UserLength; if (identity->UserLength > 0) { identity->User = (UINT16*) malloc((identity->UserLength + 1) * sizeof(WCHAR)); if (!identity->User) return -1; CopyMemory(identity->User, srcIdentity->User, identity->UserLength * sizeof(WCHAR)); identity->User[identity->UserLength] = 0; } identity->DomainLength = srcIdentity->DomainLength; if (identity->DomainLength > 0) { identity->Domain = (UINT16*) malloc((identity->DomainLength + 1) * sizeof(WCHAR)); if (!identity->Domain) return -1; CopyMemory(identity->Domain, srcIdentity->Domain, identity->DomainLength * sizeof(WCHAR)); identity->Domain[identity->DomainLength] = 0; } identity->PasswordLength = srcIdentity->PasswordLength; if (identity->PasswordLength > 256) identity->PasswordLength /= SSPI_CREDENTIALS_HASH_LENGTH_FACTOR; if (identity->PasswordLength > 0) { identity->Password = (UINT16*) malloc((identity->PasswordLength + 1) * sizeof(WCHAR)); if (!identity->Password) return -1; CopyMemory(identity->Password, srcIdentity->Password, identity->PasswordLength * sizeof(WCHAR)); identity->Password[identity->PasswordLength] = 0; } identity->PasswordLength = srcIdentity->PasswordLength; return 1; }
BOOL ntlm_client_init(rdpNtlm* ntlm, BOOL http, char* user, char* domain, char* password) { SECURITY_STATUS status; sspi_GlobalInit(); #ifdef WITH_NATIVE_SSPI { HMODULE hSSPI; INIT_SECURITY_INTERFACE InitSecurityInterface; PSecurityFunctionTable pSecurityInterface = NULL; hSSPI = LoadLibrary(_T("secur32.dll")); #ifdef UNICODE InitSecurityInterface = (INIT_SECURITY_INTERFACE) GetProcAddress(hSSPI, "InitSecurityInterfaceW"); #else InitSecurityInterface = (INIT_SECURITY_INTERFACE) GetProcAddress(hSSPI, "InitSecurityInterfaceA"); #endif ntlm->table = (*InitSecurityInterface)(); } #else ntlm->table = InitSecurityInterface(); #endif sspi_SetAuthIdentity(&(ntlm->identity), user, domain, password); if (http) { DWORD status; DWORD SpnLength; SpnLength = 0; status = DsMakeSpn(_T("HTTP"), _T("LAB1-W2K8R2-GW.lab1.awake.local"), NULL, 0, NULL, &SpnLength, NULL); if (status != ERROR_BUFFER_OVERFLOW) { _tprintf(_T("DsMakeSpn: expected ERROR_BUFFER_OVERFLOW\n")); return -1; } ntlm->ServicePrincipalName = (LPTSTR) malloc(SpnLength * sizeof(TCHAR)); status = DsMakeSpn(_T("HTTP"), _T("LAB1-W2K8R2-GW.lab1.awake.local"), NULL, 0, NULL, &SpnLength, ntlm->ServicePrincipalName); } status = ntlm->table->QuerySecurityPackageInfo(NTLMSP_NAME, &ntlm->pPackageInfo); if (status != SEC_E_OK) { printf("QuerySecurityPackageInfo status: 0x%08X\n", status); return FALSE; } ntlm->cbMaxToken = ntlm->pPackageInfo->cbMaxToken; status = ntlm->table->AcquireCredentialsHandle(NULL, NTLMSP_NAME, SECPKG_CRED_OUTBOUND, NULL, &ntlm->identity, NULL, NULL, &ntlm->credentials, &ntlm->expiration); if (status != SEC_E_OK) { printf("AcquireCredentialsHandle status: 0x%08X\n", status); return FALSE; } ntlm->haveContext = FALSE; ntlm->haveInputBuffer = FALSE; ZeroMemory(&ntlm->inputBuffer, sizeof(SecBuffer)); ZeroMemory(&ntlm->outputBuffer, sizeof(SecBuffer)); ZeroMemory(&ntlm->ContextSizes, sizeof(SecPkgContext_Sizes)); ntlm->fContextReq = 0; if (http) { /* flags for HTTP authentication */ ntlm->fContextReq |= ISC_REQ_CONFIDENTIALITY; } else { /** * flags for RPC authentication: * RPC_C_AUTHN_LEVEL_PKT_INTEGRITY: * ISC_REQ_USE_DCE_STYLE | ISC_REQ_DELEGATE | ISC_REQ_MUTUAL_AUTH | * ISC_REQ_REPLAY_DETECT | ISC_REQ_SEQUENCE_DETECT */ ntlm->fContextReq |= ISC_REQ_USE_DCE_STYLE; ntlm->fContextReq |= ISC_REQ_DELEGATE | ISC_REQ_MUTUAL_AUTH; ntlm->fContextReq |= ISC_REQ_REPLAY_DETECT | ISC_REQ_SEQUENCE_DETECT; } return TRUE; }